05-28-2020 12:12 PM
We are an ESP, and a little over two weeks ago we started seeing a sudden change in our ratings of several of our IPs at Talos. Some messages started to be returned with: smtp;554 Your access to this mail system has been rejected due to the sending MTA's poor reputation
This seemed odd. No client sends across all the IPs that this seemed to be affecting, and not all of our IPs were being affected. Checking out the ratings elsewhere, like Return Path, which has our IPs at or near the top possible rating, and other sources such as Symantec's Reputation List, where none of our IPs are rated poorly, only made us question Cisco's methods even more.
None of the IPs are on current blacklists according to MxToolbox and other sources. According to Talos' own reputation finder there are no blacklists and the spam levels are all consistent at None. Again, odd. No reason listed for what was happening. And nothing odd happening outside of the Talos bubble.
We submitted a ticket. The process is very odd as we weren't able to simply ask a question but had to say what we thought the ratings should be. We did this. We got an initial canned response that anything rating Neutral was basically fine and not to worry about it and that the support team would get in touch with us soon about the Poor ratings. Silence.
Two weeks have gone by. Instead of contacting us and helping us understand what had happened and the proper steps to take, the ticket was simply resolved (without even notifying us). Another ticket was created (it too was resolved without any contact). Multiple messages, both through email and ticket responses, have been sent. New tickets have been created. Silence.
Separate tickets have been created in other Cisco support sections, as the Talos support group seems incapable of dealing with them. So far no luck. Only one of these led to an actual person, but that thread ultimately led nowhere because they only provide support on Cisco hardware. The most generic Cisco support interface we could find also offered an automatic initial response suggesting a ticket would be created and someone would reach out. Again, nothing happened. Also odd: the links in that email went to a site whose URL would not resolve, and when checking on multiple URL up/down sites, all agreed the site was down. Again, not helpful.
Looking elsewhere for any help we could find, since none at Cisco appeared imminent, one response that we got from our contact at Return Path was that they had another client who recently had the same odd behavior we've been seeing, with IPs dropping without warning or reason. It seems they were lucky enough to get a support person who responded, and the fix for them was to make some infrastructure changes. We don't know if that's something we need to do (or even what that might entail) or if there are entirely different steps we should take.
So... two questions:
1. Anyone ever actually gotten through to Talos support?
2. Anyone know how we can fix our issue?
11-03-2020 12:19 AM
If the recipient is rejecting connections based on Talos senderbase score, they do have options on the ESA to add the IP to a Whitelist, bypassing senderbase score lookups.
The customer with ESA can also open a TAC case to engage Talos and gather additional details on why the IP has a poor score. While Talos could provide some pointers, it's not an all-inclusive list.
Since senderbase scores are dynamic in nature, it's not possible to discuss a cause here; however, some possible reasons include increase in reported spam from that source, ensure rDNS points to a FQDN, rDNS points to domain in the SMTP HELO FQDN, rDNS points to a domain that matches the email sender domain or a domain that matches the parent domain, etc.
Regards,
Libin
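The rDNS items listed in the reply above can be checked from the sender's side before opening a ticket. The following is an added example, not part of the original thread and not a Cisco or Talos tool; it also verifies that the PTR name resolves back to the same IP, which goes slightly beyond the reply. The function names, the two-label parent-domain rule and the sample records are assumptions made for illustration.

```python
import socket

# Constructed sample records (documentation IP ranges, example domains).
SAMPLE_PTR = {"192.0.2.10": "mta1.mail.example.com.",
              "192.0.2.11": "host-11.provider.example.net"}
SAMPLE_A = {"mta1.mail.example.com": {"192.0.2.10"},
            "host-11.provider.example.net": {"198.51.100.7"}}

def sample_forward(name):
    return SAMPLE_A.get(name, set())

def system_ptr(ip):
    """PTR lookup via the system resolver; None when no record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:
        return None

def system_forward(name):
    """Forward lookup; empty set when the name does not resolve."""
    try:
        return {ai[4][0] for ai in socket.getaddrinfo(name, None)}
    except OSError:
        return set()

def norm(name):
    return name.rstrip(".").lower()

def parent_domain(name):
    # Assumption: last two labels form the parent domain (no public-suffix list).
    return ".".join(name.split(".")[-2:])

def check_sender_ip(ip, helo, sender_domain, ptr=system_ptr, forward=system_forward):
    """Return {check_name: bool} for one sending IP."""
    raw = ptr(ip)
    name = norm(raw) if raw else ""
    helo, sender = norm(helo), norm(sender_domain)
    return {
        "ptr_is_fqdn": "." in name,
        "forward_confirms_ptr": bool(name) and ip in forward(name),
        "ptr_matches_helo": bool(name) and name == helo,
        "ptr_matches_sender_or_parent": bool(name) and (
            name == sender or name.endswith("." + sender)
            or parent_domain(name) == parent_domain(sender)),
    }

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.11", "192.0.2.12"):
        print(ip, check_sender_ip(ip, "mta1.mail.example.com", "example.com",
                                  SAMPLE_PTR.get, sample_forward))
```

Calling `check_sender_ip` without the last two arguments uses the system resolver, so it can be run against each real sending IP with the HELO name and sender domain that IP actually uses.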
08-27-2024 03:08 AM - edited 08-27-2024 10:23 AM
We have exactly the same issue! The support tickets are being closed with standard replies, while emails can't be delivered to several recipients from totally different companies and countries. This is frustrating.
Update: Ensure to use the correct ticket type! "Email reputation"! People just do THEIR job and don't think further...
08-27-2024 10:19 AM
Check your reputation for the public IP / domain on Talos and other lists.